Microsoft Edge Chromium vulnerabilities

CVE-2023-36880 [MEDIUM] CVE-2023-36880: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2023-38174 [MEDIUM] CVE-2023-38174: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2023-6345 [CRITICAL] CWE-190 CVE-2023-6345: Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High)

CVE-2023-36026 [MEDIUM] CVE-2023-36026: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2023-36008 [MEDIUM] CWE-416 CVE-2023-36008: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2023-36024 [HIGH] CWE-269 CVE-2023-36024: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-36014 [HIGH] CWE-94 CVE-2023-36014: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2023-36027 [MEDIUM] CVE-2023-36027: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-36409 [MEDIUM] CVE-2023-36409: Microsoft Edge (Chromium-based) Information Disclosure Vulnerability Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE-2023-36034 [HIGH] CWE-416 CVE-2023-36034: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2023-36022 [MEDIUM] CWE-94 CVE-2023-36022: Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability

CVE-2023-44323 [MEDIUM] CWE-416 CVE-2023-44323: Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerabi Adobe Acrobat for Edge version 118.0.2088.46 (and earlier) is affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2023-36559 [MEDIUM] CVE-2023-36559: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2023-5217 [HIGH] CWE-787 CVE-2023-5217: Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1 Heap buffer overflow in vp8 encoding in libvpx in Google Chrome prior to 117.0.5938.132 and libvpx 1.13.1 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE-2023-36735 [CRITICAL] CWE-416 CVE-2023-36735: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-36562 [HIGH] CWE-416 CVE-2023-36562: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE-2023-36727 [MEDIUM] CVE-2023-36727: Microsoft Edge (Chromium-based) Spoofing Vulnerability Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE-2023-4863 [HIGH] CWE-787 CVE-2023-4863: Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)

CVE-2023-4762 [HIGH] CWE-843 CVE-2023-4762: Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute a Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)

CVE-2023-36741 [HIGH] CWE-416 CVE-2023-36741: Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability